Risk assessment and information security ensuring of Starlink satellite communication channels at aviation enterprises

Authors

DOI:

https://doi.org/10.18372/2073-4751.84.20892

Keywords:

Starlink, satellite communications, risk assessment, information security, cybersecurity, aviation enterprises, critical infrastructure, formalized model, low-orbit satellites

Abstract

The article investigates the specific features of risk assessment and information security ensuring of Starlink satellite communication channels when integrated into aviation enterprises as critical infrastructure objects. A structural analysis of the Starlink architecture was conducted, and key threat vectors in the space, ground, and network segments were identified. Based on STRIDE and ISO/IEC 27005 methodologies, an adapted threat model for aviation enterprises was developed. A formalized approach to quantitative risk assessment considering segment architecture, asset criticality and security control effectiveness is proposed. Conceptual principles of a multi-layered protection system are substantiated, including network segmentation, additional cryptographic protection, multi-factor authentication and integration with security monitoring systems. The results can be applied during the integration of satellite communication channels into aviation enterprise information infrastructures.

References

Maral G., Bousquet M., Sun Z. Satellite Communications Systems: Systems, Techniques and Technology. 6th ed. Chichester : Wiley, 2020. 768 p.

Kodheli O., Guidotti A., Vanelli-Coralli A. Integration of satellites in 5G through LEO mega-constellations // IEEE Network. 2017. Vol. 32, No. 5. P. 44–51.

Handley M. Delay is not an option: Low latency routing in space // Proceedings of ACM SIGCOMM 2018. Budapest, 2018. P. 411–426.

Pavur J., Martinovic I. Security and privacy implications of satellite internet // IEEE Symposium on Security and Privacy Workshops (SPW). 2020. P. 232–241.

Bhattacherjee D., Singla A., et al. Characterizing the security and privacy risks of LEO satellite networks // USENIX Security Workshop. 2021.

Shostack A. Threat Modeling: Designing for Security. Indianapolis : Wiley, 2014. 624 p.

Alberts C., Dorofee A. Managing Information Security Risks: The OCTAVE Approach. Boston : Addison-Wesley, 2003. 480 p.

ISO/IEC 27001:2022. Information security, cybersecurity and privacy protection — Information security management systems — Requirements.

ISO/IEC 27005:2022. Information security, cybersecurity and privacy protection — Guidance on managing information security risks.

NISTIR 8270. Introduction to Cybersecurity for Space Systems. National Institute of Standards and Technology, 2020.

ENISA. Cybersecurity for Critical Infrastructure Protection. European Union Agency for Cybersecurity, 2021.

Про основні засади забезпечення кібербезпеки України : Закон України від 05.10.2017 № 2163-VIII. URL: https://zakon.rada.gov.ua/laws/show/2163-19 (дата звернення: 12.12.2025).

Про захист інформації в інформаційно-комунікаційних системах : Закон України від 05.07.1994 № 80/94-ВР (зі змін.). URL: https://zakon.rada.gov.ua/laws/show/80/94-вр (дата звернення: 12.12.2025).

Про критичну інфраструктуру : Закон України від 16.11.2021 № 1882-IX. URL: https://zakon.rada.gov.ua/laws/show/1882-20 (дата звернення: 12.12.2025).

Повітряний кодекс України : Закон України від 19.05.2011 № 3393-VI. URL: https://zakon.rada.gov.ua/laws/show/3393-17 (дата звернення: 02.03.2026).

Про рішення Ради національної безпеки і оборони України від 29 грудня 2016 року «Про Доктрину інформаційної безпеки України» : Указ Президента України від 25.02.2017 № 47/2017. URL: https://zakon.rada.gov.ua/laws/show/47/2017 (дата звернення: 15.12.2025).

Деякі питання об’єктів критичної інфраструктури : Постанова Кабінету Міністрів України від 09.10.2020 № 1109. URL: https://zakon.rada.gov.ua/laws/show/1109-2020-п (дата звернення: 15.12.2025).

Downloads

Published

2025-12-30

How to Cite

Bilonenko, V., Zarubinska, I., Kostiuk, I., & Kutinov, A. (2025). Risk assessment and information security ensuring of Starlink satellite communication channels at aviation enterprises. Problems of Informatization and Management, 4(84), 11–21. https://doi.org/10.18372/2073-4751.84.20892

Issue

Vol. 4 No. 84 (2025)

Section

Статті

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.